-
Posts
80 -
Joined
-
Last visited
-
Days Won
1
RupeeClock last won the day on December 7 2016
RupeeClock had the most liked content!
Reputation
36 ExcellentAbout RupeeClock
- Birthday 10/18/1989
Recent Profile Visitors
The recent visitors block is disabled and is not being shown to other users.
-
Fantastic to see the Mew files archived onto the gallery, with accommodating event videos.
-
The video in question is using an arbitrary execution glitch to rewrite certain parts of the Pokémon in save data, in order to give it the necessary DVs to make it shiny upon transfer. From what I've gathered, the Mew import legality check is only checking for that OT/TID combination of GF/22796, I don't believe it actually checks that the Mew have 15/15/15/15/15 DVs? So if I'm not mistaken, this would mean you could use the arbitrary execution glitch to give the Mew the necessary DVs, and it would successfully import and come through shiny. Technically speaking, it shouldn't be legal though as they never distributed any Mews that should conceivably be shiny.
-
Yup, I'll definitely be making the effort to get my own Softboiled Mew after this, despite actually having already transferred my Mew. That's what JKSM is for though!
-
What's most hilarious is that Poké Transporter is accepting a modified Pokémon Yellow as a save source. It logically follows that it just checks for a matching title ID, and looks at the save contents matching that title, but still hilarious. Of course I reckon it's probably just easier to clone/inject as many Mews as you please, like if you want Gen 1 TM moves of varying natures. Moves like Softboiled and Whirlwind are probably the most interesting as Mew lacks access to Recover or Roar, or similar moves. Actually I think this might be the only way to get that legal Softboiled Mew that the Smogon sets use.
-
Pokémon Bank update finally dropped! I got to import my Mew from VC Pokémon Yellow, this required boxing the Mew into the first box. Upon transferring, it arrived with 31/27/31/31/31/31 IVs and a Timid nature. This is pretty great, as apparently Pokémon imported from Gen I are "guaranteed to have 3 perfect IVs, and a random nature". The Mew already have a perfect spread of 15/15/15/15/15 DVs though, so I'm wondering how they picked an attack IV of 27 when it's attack DV would've been 15. I extracted my Mew using PKHex if you wanna examine the bytes. I thought it pretty interesting that it has a generated shiny value too, and a trainer shiny value based on the OT. The GF Mew had a TSV of 1424, I'm interested to see if this is consistent. It might not be shiny locked as a result of this. Oh yeah and it was also nice that the Bank update gave away free Mewnium Z to Sun/Moon game cards, via mystery gift. A few other Gen I Pokémon I imported have a TSV of 2512. They also indeed have 3 perfect IVs and random natures, my Rattata got its HA Hustle, my Sandshrew got its HA Sand Rush, my Caterpie got its HA Run Away, and my Mankey got its HA Defiant. Edit: Turns out SciresM is really on the ball with figuring out how the transfers work, nature is determined by EXP, IVs are purely random, nearly everything always gets its hidden ability, genders are completely random despite how gen II determined them using DVs. Every untrained Mew imported will always be timid, and you can manipulate which nature it will get by getting a specific EXP number. 151 - Mew - 44C0A4DC05E1.pk7
-
I guess that pretty much confirms it then, all VC RBY Mews distributed are the same, although trash bytes may change if boxed. All that's left is to wait for the Pokémon Bank update, how exciting.
-
Huh, I don't think the homebrew method of dumping the save game should make a difference, all will ultimately run a program that decrypts a save file and dumps the contents to the SD card. Also with thanks to soundhax my cousin might be able to share his save if he finds any time to even play his 3DS.
-
Oh excellent, hopefully this will shed some light on things. I did get to see my cousin this past Christmas, but he forgot to bring his 3DS with him so sadly I didn't get to make a backup of his Mew. That means we don't have a sample that is guaranteed to have come from a separate distribution system. Even so I imagine the data is going to be identical anyway.
-
We do know these keys, but these won't serve any purpose of possibly reverse-engineering anything to figure out a range of keys if Nintendo implemented their cryptography correctly. If you have 2 ^ 128 combinations of keys, you are going to pick one as randomly as possible and not limit where you can pick from. To explain what keys are. Every time you buy a title from the eShop, the CDN gives you a title key in encrypted format, which is stored on the 3DS system itself. This title key grants you permission to request a download from their CDN. Due to 3DS hacking developments at the start of the year where the 3DS was fully exploited, specifically gaining control of the ARM9 kernal and breaking the cryptography implementation, this made it possible to dump and decrypt the title keys stored on a system, and even share them among other 3DS systems. This lead to the development of an application called freeShop, which enables you to download anything directly from Nintendo's eShop CDN if you have the appropriate title keys, legitimate or illegally shared. The lack of authentication beyond anything other than title keys on the 3DS is what made this possible, and could've very easily been avoided if they authenticated purchases on the server side instead of the client side. A possible reasoning for doing this is that some 3DS systems come pre-installed with games, and if you perform a system transfer to such a system it will retain the pre-installed software along with the title key, thereby granting you that game to keep. This state of affairs means that in order to download the Mew Distribution App, you need a 3DS that has the app installed since the title is not publicly listed, and then you would need to hack this 3DS to dump and decrypt the title key. This would be extremely unlikely as the systems would be controlled by Nintendo UK or NIntendo of Japan.
-
Bruteforcing this sort of thing seems like a silly thing to do too, seeing as it's just a small distro app. We kinda sorta know how to reproduce the distro app as it is, as we have data on the Mew distributed and an understanding of how the rom/VC title works. That also seems silly as you can just inject the event data now.
-
if I'm not mistaken, the only way we could hope to get that key is if someone with the title installed on their system, hacked the system, and then dumped and shared the title key. That seems extremely unlikely.
-
The trash being intentional is not unexpected, as it's maybe one of the few ways they can verify you have an event Mew instead of a glitched or save hacked Mew. I hope we can get more samples too, just to confirm if there are data differences or not. At this stage it seems less likely.
-
Well that settles that then, there really was a special distribution version. It'll be extremely lucky if we ever get to use them, but this was a nice finding.
-
I have doubts about that, I don't think binary size is relative so much as there's an astronomical number of possible encryption values, so a bruteforcing attempt maybe wouldn't be shorter. I could be mistaken. My other thought was that the VC versions might be hiding some functionality that haven't been looked into. What if a Mew distribution was planned in advance so that there exists an undocumented distribution mode in the commercial VC release of Red Version?
-
Fascinating, simply by examining the "trash" bytes and with intimate knowledge of the game's programming, you were able to deduce at the event was running a modified VC version of Pokémon Red. The alterations could be done either patched on-the-fly or baked into the VC rom, but in either case coupled with the visible restore points is solid evidence of a special Distribution version of the game. If it's a digital title, who knows, it might even exist on the eShop CDN like Sun/Moon did at some point. If it were though I would think it would've already been discovered though, and simply knowing about it's (possible) existence is probably insufficient to even acquire it.